Hack Attack —

ISIS hacker pleads guilty to giving terrorists US military kill list

Prosecution represents "the nexus of the terror and cyber threats," feds say.

ISIS hacker pleads guilty to giving terrorists US military kill list

A hacker the US authorities have labeled as the leader of an overseas Internet hacking group—the Kosova Hacker's Security—pleaded guilty Wednesday in federal court to charges of providing material support to the US enemy. It was the first known prosecution of a hacker joining forces with a terror group in a bid to carry out terrorism, the government said.

The defendant, a Kosovo citizen named Ardit Ferizi, was arrested in Malaysia last year and was accused of stealing data on US military personnel by hacking US corporate computers and then providing that data to the Islamic State terror group.

"Ferizi admitted to stealing the personally identifiable information of over 1,000 U.S. servicemembers and federal employees, and providing it to ISIL with the understanding that they would incite terrorist attacks against those individuals," said Assistant Attorney General for National Security John Carlin. "The case against Ferizi is the first of its kind, representing the nexus of the terror and cyber threats."

The defendant admitted (PDF) to forwarding the data to Junaid Hussain, an Islamic State hacker killed in August by a military airstrike. Days before his death, Hussain tweeted "NEW: U.S. Military AND Government HACKED by the Islamic State Hacking Division!" The tweet contained a hyperlink to a 30-page document, the government said.

That document stated, in part, that "we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!'"

The link also included the "names, e-mail addresses, (PDF) e-mail passwords, locations and phone numbers for approximately 1,351 US military and other government personnel," the government said.

Ferizi faces a maximum 25 years in prison and is scheduled to be sentenced September 16 in a Virginia federal court.

Channel Ars Technica